Golden Path for Education - Part 1a
What is Golden Path Golden Path was developed to simplify and enhance the security of deploying a Microsoft 365 tenant solution in education. It consists of three stages: Stage 1: Deployment Guides are available online at Golden Path. This stage includes: Baseline - Stage 1a Standard - Stage 1b Advanced - Stage 1c Stage 2: A Discovery/Assessment AI tool is used to expose the tenant's configuration and analyze it against the tenant's license configurations, tenant and service settings, Microsoft's general education recommendations, and customer requirements. Stage 3: Drift Configuration management helps understand changes made against the established configuration in the tenant. These changes can be reversed or modified before any breaches or irregularities create problems. Goals and Objectives for Golden Path Goals Develop prescriptive deployment guides that provide a centralized resource with education-specific scenarios to assist organizations in defining, managing, and organizing their tenant and appropriate applications. Reduce the overall complexity of tenant and service deployment. Establish baseline recommended pathways to facilitate a common and agreed-upon configuration based on subject-matter experts. Utilize AI technology to uncover and compare recommended settings against user requirements based on documented configurations. Implement phased configurations to aid customers and partners in understanding what they may not know or should consider during discovery to meet customer expectations. Highlight unused features and products to ensure customers fully leverage the potential and benefits of their purchased product licenses. Identify opportunities for partner participation in achieving customer goals and expectations based on customer requirements and Golden Path findings. Create an easy pathway for customer change management to enhance control, security, compliance, and privacy of tenants. Develop custom assessments to evaluate product entry for items such as Copilot, Defender, Purview, Intune, Zero-Trust, and Microsoft Entra ID. Objectives Deliver information for features available (used/unused) to users based on license model. Prescriptive recommendations based on education scenarios. - Present upgrade license opportunities from A1 to A3 to A5. Security analysis exposing gaps and issues proactively to allow modifications before it's too late. Promote partner access to customers that have defined gaps based on assessments and are requesting partner assistance. Better discovery and assessment analysis with new tools. Designed to be more self-serving customer and partner access management. Speed up user adoption for educators and IT Admins alike. Baseline Stage 1a Baseline is stage 1a in the overall development of the Golden Path for Education. It is based on a majority of licenses within the tenant at the Microsoft 365 A1 for Education level. It also is a set of recommendations for ALL Microsoft Education tenants. Navigation Golden Path has three folders in the navigations. Golden Path Baseline References Golden Path folder consist of the Golden Path overall review. It goes over the entire program and the how and why it is built. Currently there are two pages, Golden Path overview and Baseline Overview. Golden Path overview menu Golden Path overview Stages (Deployment Guides, Discovery/Assessments, Drift Management) Modules (Setup, Identity, Applications, Security, and Devices) Phases (Baseline(A1), Standard(A3), Advanced(A5)) Baseline Overview Steps for each phase (Setup, Identity, Applications, Security, Devices) Licenses that are included General information links List of links for all applications and products included with A1 license List of links for all features included with A1 license Baseline menu Setup Tenant setup is key to establishing a secure and valid tenant. Setup goes through domain assignment, administration, and service management. Overview - Review all the steps that are part of the setup phase section Step 1 - Create your Office 365 tenant account Step 2 - Configure Security Center admin settings Step 3 - Secure and configure your network Step 4 - Sync your on-premises active directory Step 5 - Provision users Step 6 - Sync SIS with School Data Sync (SDS) Step 7 - License Users Identity Establishing an identity via Microsoft Entra ID and establishing authentication methods, Single Sign-On, and user procurement methodologies. Overview - Review all steps that are a part of the identity phase Step 1 - Understand identity definitions Step 2 - Configure Microsoft Entra ID basics Step 3 - Consider education identity steps Step 4 - Consider identity applications Step 5 - Set up access to operation services Step 6 - Set up identity lifecycle Step 7 - Configure security in identity Step 8 - Manage access controls Applications Applications like Microsoft Teams, SharePoint, OneDrive, Exchange Online are the core to a Microsoft tenant. Getting these applications setup are essential to allowing users in education to access services and apps like Learning Accelerators. Overview - Review all steps that are a part of the application phase Exchange Online o Step 1 - Design an Exchange Online environment o Step 2 - Set up Exchange Online o Step 3 - Configure compliance and security in Exchange Online o Step 4 - Configure address books, shared mailboxes, and clients Microsoft Teams o Overview - What is Microsoft Teams for Education o Step 1 - Configure Microsoft Teams for Education o Step 2 - Configure Microsoft Teams policies and settings for education organization OneDrive/SharePoint - Overview o Step 1 - Plan your OneDrive and SharePoint Deployment o Step 2 - Share within OneDrive and SharePoint o Step 3 - Configure security and access controls in OneDrive and SharePoint o Step 4 - Compliance considerations with OneDrive and SharePoint Security and Compliance Security via each phase is essential to maintaining order and blocking access for bad actors. Along with security compliance/privacy considerations that are established to adhere to a multitude of local and government requirements worldwide. Overview Step 1 - Security Considerations Devices Managed and unmanaged devices are another key to helping secure the network and potential cyber-security considerations that enter the network via these devices. Overview Step 1 - Review device management structure Step 2 - Plan device management Step 3 - Configure settings and applications Step 4 - Deploy and manage devices Windows 11 features and tips References menu Mulit-tenant solutions - Architectural recommendations base on multi or large tenant solutions. Accessibility Deploy Office 365 applications Pooled storage management How do you use Golden Path? Golden Path uses deployment guidelines content that contain education scenario specifics. Golden Path has a linked path for each modules based on the phase (Baseline,Standard,Advanced). Users can follow the deployment content to establish or redefine the tenant configuration in order to enable additional services and products. What’s Next Go to https://aka.ms/gp4edu to access the first part of Golden Path. Part 1b (Standard -A3 content) NEXT Part 1c (Advanced – A5 content) Part 2 - We will create a mechanism to discover the tenant configuration settings and allow customers and partners the ability to qualify what is set to standard recommendation. Using AI to deliver user requirements against the configuration will allow additional paths to enable services and features that allow the user/customer to achieve their objectives. Part 3 – Deliver drift management solution for management of unrealized or understood changes that need to be approved or modified.
Microsoft 365 A1 for devices for students
I am looking to moving the students to Microsoft Surface SE laptops and to get Microsoft 365 A1 for devices for students for them. I bought one device and one of these licenses for testing purposes and assigned the license to the device group for the device, but it doesn't seem to work. The MS Office apps all say viewer since the student account is an M365 A1 but this license is supposed to provide not only the Intune support but the licensing for office. What needs to be done or configured for it to work with the device???Such a shame...
Microsoft release Windows 11 SE - fantastic solution for education. Unfortunately operating system is OEM only and not available to install on existing devices, literally in the same year when schools across the country (UK) got millions of devices given to them for home working, most of which are now back in the school gathering dust as the spec simply isn't quite good enough for day to day use with the full Windows 10/11 build. Perfect opportunity for Microsoft to make 11 SE available for ISO download, so that all of these devices can be made use of, and imported into Endpoint Manager. But instead schools are forced to buy the new hardware, leaving all of the devices gathering dust to go to waste. Meanwhile Google release Chrome Flex, allowing schools to install Chrome OS for free on any device they want, with an additional one-time cost of £30 to fully manage the device. Really disappointing.
Forget the Wi-Fi when a student closes the Laptop
Hello, I work at a high school and the students here have shared devices. We have set up in intune the policy that forces them to enter in their Wi-Fi to log in to the computer. After the students are done with the computer they close the lid and return it to the cart. The next student comes and takes the device and uses the prior students' Wi-Fi because they did not properly sign out. I have it set to not cache the credentials but that does not work in this case. Does anyone have a workaround for this? I asked Microsoft and they could not help so I am asking here. Any advice would be greatly appreciated. Thank you!
Rapid prototyping using PowerApps (Mixed Reality) + SPO API/Python + Solidworks & Dremel 3D45.
Here's a quick view of rapid prototyping, from CAD design to 3D printing/running a motor assembly: 1. Design components in CAD (Solidworks). 2. Import file into Power Apps & visualize, check form/fit with housing using the Mixed Reality feature. 3. 3D print (Dremel 3D45) & run system with PowerApps + SPOl API & Python coder (easy IOT). Massive opportunity for graduate students and design engineers. https://www.linkedin.com/posts/sanjiv-venkatram_aseansmsbizappsug-aseansmswomenintech-powerapps-activity-6800953732071874560-PfDtDynamic calibration (rand func./looping in PowerApps) of devices using PowerApps & other MS tech.
Greetings friends, hope you & family are well. Here's a quick view of doing semi automated calibration of devices (BLDC motor here) using the Rand() func. (pseudo random # generator) in PowerApps and a for loop. The inputs serve as a "shock" to the system and one can observe system response. We take the output to Azure ML/Excel to get the calibration curves (diminishing returns in this case). Below is the link to the same: https://www.linkedin.com/posts/sanjiv-venkatram_aseansmsbizappsug-aseansmswomenintech-powerapps-activity-6777762733678043138-tOCA We'll be demo'ing this during our ASEANS monthly meetup & kindly join here: https://lnkd.in/gVbtA5p Kind regards, Sanjiv
Visual Studio Code on school computers and security
At my school, our teaching staff wants to move from Atom to Visual Studio Code on our lab computers (running MacOS). Our SysAdmin is telling me that we aren't allowed to install VSCode because of security policies. Their concern is that VSCode allows remote code execution (through extensions). I cannot find much information online in respect to security concerns with VSCode. How are other schools doing it? Are there ways to mitigate those security issues? Or are those security concerns mistaken? If you use VSCode at your school, I would love to hear more about this !Controlling a homemade robot with a simple MS Power App - lots of learning & fun for aspiring grad s
Greetings everyone, hope you're well & staying safe. Here's a quick example of a controlling a simple homemade bot with a simple app on MS Power PS. Lots of learning and fun (at home!) for kids preparing for graduate study and for getting your 7 year old to sit in one place :-). Also for folks like me who want to relive their engineering days! :-). https://www.linkedin.com/posts/sanjiv-venkatram_aseansmsbizappsug-aseansmswomenintech-mspowerplatform-activity-6709291829139005440-0fyY
